[ale] Ubiquiti cloud compromise
James Sumners (ALE)
james+ale at sumners.email
Tue Mar 30 23:13:52 EDT 2021
Like I said. SDN is great, but not if you host the software somewhere else. https://krebsonsecurity.com/2021/03/whistleblower-ubiquiti-breach-catastrophic/
"The source — we’ll call him Adam — spoke on condition of anonymity for fear of retribution by Ubiquiti.
“It was catastrophically worse than reported, and legal silenced and overruled efforts to decisively protect customers,” Adam wrote in a letter to the European Data Protection Supervisor. “The breach was massive, customer data was at risk, access to customers’ devices deployed in corporations and homes around the world was at risk.”"
On January 11, 2021 at 17:11:53, James Sumners via Ale (ale at ale.org) wrote:
Here's a reminder why you should host your own network configuration for
the Ubiquiti SDN stuff:
+ https://mailchi.mp/ubnt/account-notification?e=13f3aa2a60
+
https://web.archive.org/web/20210111220928/https://mailchi.mp/ubnt/account-notification?e=13f3aa2a60
FWIW, I use https://github.com/jacobalberty/unifi-docker to manage my
home network. I really like the Ubnt gear, but there's no way I'm
relying on their hosted configuration management tool for my network.
_______________________________________________
Ale mailing list
Ale at ale.org
https://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.ale.org/pipermail/ale/attachments/20210330/5c825983/attachment.htm>
More information about the Ale
mailing list